Microsoft Windows Task Scheduler Local Privilege Escalation Vulnerability
BID:69593
CVE-2014-4074 |Info
Microsoft Windows Task Scheduler Local Privilege Escalation Vulnerability
| Bugtraq ID: | 69593 |
| Class: | Design Error |
| CVE: |
CVE-2014-4074 |
| Remote: | No |
| Local: | Yes |
| Published: | Sep 09 2014 12:00AM |
| Updated: | Sep 09 2014 12:00AM |
| Credit: | James Forshaw of Context Information Security |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Microsoft Windows Task Scheduler Local Privilege Escalation Vulnerability
Microsoft Windows is prone to a local privilege-escalation vulnerability.
A local attacker may exploit this issue to execute arbitrary code with the Local system account. Successful exploits will result in the complete compromise of affected computers.
Microsoft Windows is prone to a local privilege-escalation vulnerability.
A local attacker may exploit this issue to execute arbitrary code with the Local system account. Successful exploits will result in the complete compromise of affected computers.
Exploit / POC
Microsoft Windows Task Scheduler Local Privilege Escalation Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Microsoft Windows Task Scheduler Local Privilege Escalation Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Microsoft Windows 8 for x64-based Systems 0
Microsoft Windows 8.1 for x64-based Systems 0
Microsoft Windows Server 2012 R2 0
Microsoft Windows 8.1 for 32-bit Systems 0
Microsoft Windows 8 for 32-bit Systems 0
Microsoft Windows Server 2012 0
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Microsoft Windows 8 for x64-based Systems 0
-
Microsoft Security Update for Windows 8 for x64-based Systems (KB2988948)
http://www.microsoft.com/downloads/details.aspx?familyid=cc9b76ec-a613 -4b99-b012-5a1904b33646
Microsoft Windows 8.1 for x64-based Systems 0
-
Microsoft Security Update for Windows 8.1 for x64-based Systems (KB2988948)
http://www.microsoft.com/downloads/details.aspx?familyid=20bbef91-a533 -474e-8a70-f221adc92932
Microsoft Windows Server 2012 R2 0
-
Microsoft Security Update for Windows Server 2012 R2 (KB2988948)
http://www.microsoft.com/downloads/details.aspx?familyid=2cbbd92a-0882 -4243-954e-1895ad5dbd05
Microsoft Windows 8.1 for 32-bit Systems 0
-
Microsoft Security Update for Windows 8.1 (KB2988948)
http://www.microsoft.com/downloads/details.aspx?familyid=9bb76612-8133 -41ad-bf69-fe9652f27448
Microsoft Windows 8 for 32-bit Systems 0
-
Microsoft Security Update for Windows 8 (KB2988948)
http://www.microsoft.com/downloads/details.aspx?familyid=f1a17dd4-8bd6 -4ec2-a6e8-c95a067fba53
Microsoft Windows Server 2012 0
-
Microsoft Security Update for Windows Server 2012 (KB2988948)
http://www.microsoft.com/downloads/details.aspx?familyid=0716ef46-6935 -4502-9ae7-e662bbd2882c
References
Microsoft Windows Task Scheduler Local Privilege Escalation Vulnerability
References:
References:
- Microsoft Homepage (Microsoft)